A man-in-the-middle attack is a form of computer security breach in which an attacker (e.g., a hacker) makes independent connections with the victims' computers and relays messages between them, leading the victims to believe that the victims are communicating directly with one another over a secure connection, when in fact the communications are controlled by the attacker. To perform a man-in-the-middle attack, the attacker intercepts messages between the two victims and injects new messages, which are then sent to the victims. If the connection between the victims is encrypted, the attacker may circumvent the encryption by tricking a user (e.g., an end user at a client device) into accepting the attacker's public key certificate, rather than accepting a trusted certificate authenticated by a certification authority. The attacker may accept a trusted certificate from the other victim (e.g., a web site hosted on a host device). In this way, the attacker can use the certificates with both victims to establish encrypted communication sessions with both victims, and can intercept, decrypt, alter, remove, and insert messages between the victims, thus acting as a man-in-the-middle.